Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4724

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4724
Last Modified 05 Feb 2009 01:30:09
Published 05 Sep 2007 03:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4724

Summary

Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.

Vulnerable Systems

Application

  • Apache Tomcat 4.1.31


References

BUGTRAQ - 20070904 Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability

OSVDB - 41029

BUGTRAQ - 20070904 Re: Apache tomcat calendar example cross site scripting and cross site request forgery vulnerability

SREASON - 3094


Last Updated: 27 May 2016 10:45:57